]> source.dussan.org Git - nextcloud-server.git/commitdiff
Fix duplicate session token after remembered login 7568/head
authorChristoph Wurst <christoph@winzerhof-wurst.at>
Mon, 18 Sep 2017 08:33:19 +0000 (10:33 +0200)
committerChristoph Wurst <christoph@winzerhof-wurst.at>
Tue, 19 Dec 2017 08:17:06 +0000 (09:17 +0100)
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
lib/private/Authentication/Token/DefaultTokenProvider.php
tests/lib/Authentication/Token/DefaultTokenProviderTest.php

index 6fd85295e033f8289ee3ad9c5305b6947e9e2255..f099aca9d99686957d77984dc4cb034befbd047c 100644 (file)
@@ -195,6 +195,7 @@ class DefaultTokenProvider implements IProvider {
                $newToken->setRemember($token->getRemember());
                $newToken->setLastActivity($this->time->getTime());
                $this->mapper->insert($newToken);
+               $this->mapper->delete($token);
        }
 
        /**
index 2c8c2d7e1968b87891db887012311f5300342653..96fdbaa176f5167c88f3cdeca045af41972b06b1 100644 (file)
@@ -318,6 +318,10 @@ class DefaultTokenProviderTest extends TestCase {
                        ->expects($this->at(1))
                        ->method('insert')
                        ->with($newToken);
+               $this->mapper
+                       ->expects($this->at(2))
+                       ->method('delete')
+                       ->with($token);
 
                $this->tokenProvider->renewSessionToken('oldId', 'newId');
        }
@@ -384,6 +388,10 @@ class DefaultTokenProviderTest extends TestCase {
                        ->expects($this->at(1))
                        ->method('insert')
                        ->with($this->equalTo($newToken));
+               $this->mapper
+                       ->expects($this->at(2))
+                       ->method('delete')
+                       ->with($token);
 
                $this->tokenProvider->renewSessionToken('oldId', 'newId');
        }